aboutsummaryrefslogtreecommitdiff
path: root/libjava/classpath/javax/net
diff options
context:
space:
mode:
authorTom Tromey <tromey@gcc.gnu.org>2007-01-09 19:58:05 +0000
committerTom Tromey <tromey@gcc.gnu.org>2007-01-09 19:58:05 +0000
commit97b8365cafc3a344a22d3980b8ed885f5c6d8357 (patch)
tree996a5f57d4a68c53473382e45cb22f574cb3e4db /libjava/classpath/javax/net
parentc648dedbde727ca3f883bb5fd773aa4af70d3369 (diff)
downloadgcc-97b8365cafc3a344a22d3980b8ed885f5c6d8357.zip
gcc-97b8365cafc3a344a22d3980b8ed885f5c6d8357.tar.gz
gcc-97b8365cafc3a344a22d3980b8ed885f5c6d8357.tar.bz2
Merged gcj-eclipse branch to trunk.
From-SVN: r120621
Diffstat (limited to 'libjava/classpath/javax/net')
-rw-r--r--libjava/classpath/javax/net/ssl/CertPathTrustManagerParameters.java71
-rw-r--r--libjava/classpath/javax/net/ssl/HandshakeCompletedEvent.java31
-rw-r--r--libjava/classpath/javax/net/ssl/HttpsURLConnection.java45
-rw-r--r--libjava/classpath/javax/net/ssl/KeyManagerFactory.java106
-rw-r--r--libjava/classpath/javax/net/ssl/KeyStoreBuilderParameters.java48
-rw-r--r--libjava/classpath/javax/net/ssl/SSLContext.java148
-rw-r--r--libjava/classpath/javax/net/ssl/SSLContextSpi.java22
-rw-r--r--libjava/classpath/javax/net/ssl/SSLEngine.java442
-rw-r--r--libjava/classpath/javax/net/ssl/SSLEngineResult.java194
-rw-r--r--libjava/classpath/javax/net/ssl/SSLSession.java67
-rw-r--r--libjava/classpath/javax/net/ssl/SSLSocketFactory.java2
-rw-r--r--libjava/classpath/javax/net/ssl/TrustManagerFactory.java103
-rw-r--r--libjava/classpath/javax/net/ssl/X509ExtendedKeyManager.java96
13 files changed, 1220 insertions, 155 deletions
diff --git a/libjava/classpath/javax/net/ssl/CertPathTrustManagerParameters.java b/libjava/classpath/javax/net/ssl/CertPathTrustManagerParameters.java
new file mode 100644
index 0000000..b6dc135
--- /dev/null
+++ b/libjava/classpath/javax/net/ssl/CertPathTrustManagerParameters.java
@@ -0,0 +1,71 @@
+/* CertPathTrustManagerParameters.java --
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+import java.security.cert.CertPathParameters;
+
+/**
+ * Trust manager parameters for certification paths.
+ */
+public class CertPathTrustManagerParameters implements ManagerFactoryParameters
+{
+ private final CertPathParameters params;
+
+ /**
+ * Creates a new trust manager parameter instance. The argument is
+ * cloned to prevent modification of this instance.
+ *
+ * @param params The certificate path parameters.
+ * @throws NullPointerException If params is null.
+ */
+ public CertPathTrustManagerParameters (final CertPathParameters params)
+ {
+ this.params = (CertPathParameters) params.clone ();
+ }
+
+ /**
+ * Returns a copy of the certificate path parameters.
+ *
+ * @return A copy of the certificate path parameters.
+ */
+ public CertPathParameters getParameters ()
+ {
+ return (CertPathParameters) params.clone ();
+ }
+}
diff --git a/libjava/classpath/javax/net/ssl/HandshakeCompletedEvent.java b/libjava/classpath/javax/net/ssl/HandshakeCompletedEvent.java
index 743f137..b65dff0 100644
--- a/libjava/classpath/javax/net/ssl/HandshakeCompletedEvent.java
+++ b/libjava/classpath/javax/net/ssl/HandshakeCompletedEvent.java
@@ -38,6 +38,7 @@ exception statement from your version. */
package javax.net.ssl;
+import java.security.Principal;
import java.security.cert.Certificate;
import javax.security.cert.X509Certificate;
@@ -108,6 +109,20 @@ public class HandshakeCompletedEvent extends java.util.EventObject
}
/**
+ * Returns the local identity used in this connection, or
+ * <code>null</code> if there is none.
+ *
+ * @return The local identity.
+ * @since 1.5
+ */
+ public Principal getLocalPrincipal ()
+ {
+ if (session != null)
+ return session.getLocalPrincipal ();
+ return null;
+ }
+
+ /**
* Returns the peer's certificates being used in this connection.
*
* @return The peer's certificates.
@@ -129,6 +144,22 @@ public class HandshakeCompletedEvent extends java.util.EventObject
}
/**
+ * Returns the peer's identity, or <code>null</code> if there is
+ * none.
+ *
+ * @return The peer's identity.
+ * @throws SSLPeerUnverifiedException If the remote peer's identity
+ * could not be verified.
+ * @since 1.5
+ */
+ public Principal getPeerPrincipal () throws SSLPeerUnverifiedException
+ {
+ if (session != null)
+ return session.getPeerPrincipal ();
+ return null;
+ }
+
+ /**
* Returns the SSL session object associated with this connection.
*
* @return The session object.
diff --git a/libjava/classpath/javax/net/ssl/HttpsURLConnection.java b/libjava/classpath/javax/net/ssl/HttpsURLConnection.java
index 3f30dc1..7d68162 100644
--- a/libjava/classpath/javax/net/ssl/HttpsURLConnection.java
+++ b/libjava/classpath/javax/net/ssl/HttpsURLConnection.java
@@ -38,9 +38,12 @@ exception statement from your version. */
package javax.net.ssl;
+import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
+import java.security.Principal;
import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
/**
* A URL connection that connects via the <i>Secure Socket Layer</i>
@@ -245,6 +248,48 @@ public abstract class HttpsURLConnection extends HttpURLConnection
this.factory = factory;
}
+ /**
+ * Returns the local principal for this connection.
+ *
+ * <p>The default implementation will return the {@link
+ * javax.security.x500.X500Principal} for the end entity certificate
+ * in the local certificate chain if those certificates are of type
+ * {@link java.security.cert.X509Certificate}. Otherwise, this
+ * method returns <code>null</code>.
+ *
+ * @return The local principal.
+ * @since 1.5
+ */
+ public Principal getLocalPrincipal ()
+ {
+ Certificate[] c = getLocalCertificates ();
+ if (c != null && c.length > 0 && (c[0] instanceof X509Certificate))
+ return ((X509Certificate) c[0]).getSubjectX500Principal ();
+ return null;
+ }
+
+ /**
+ * Returns the remote peer's principal for this connection.
+ *
+ * <p>The default implementation will return the {@link
+ * javax.security.x500.X500Principal} for the end entity certificate
+ * in the remote peer's certificate chain if those certificates are
+ * of type {@link java.security.cert.X509Certificate}. Otherwise,
+ * this method returns <code>null</code>.
+ *
+ * @return The remote principal.
+ * @throws SSLPeerUnverifiedException If the remote peer has not
+ * been verified.
+ * @since 1.5
+ */
+ public Principal getPeerPrincipal () throws SSLPeerUnverifiedException
+ {
+ Certificate[] c = getServerCertificates ();
+ if (c != null && c.length > 0 && (c[0] instanceof X509Certificate))
+ return ((X509Certificate) c[0]).getSubjectX500Principal ();
+ return null;
+ }
+
// Abstract methods.
// -------------------------------------------------------------------
diff --git a/libjava/classpath/javax/net/ssl/KeyManagerFactory.java b/libjava/classpath/javax/net/ssl/KeyManagerFactory.java
index ab8abd6..33f2fda9 100644
--- a/libjava/classpath/javax/net/ssl/KeyManagerFactory.java
+++ b/libjava/classpath/javax/net/ssl/KeyManagerFactory.java
@@ -132,49 +132,55 @@ public class KeyManagerFactory
}
/**
- * Get an instance of the named key manager factory, from the first
+ * Create an instance of the named key manager factory, from the first
* provider that implements it.
- *
+ *
* @param algorithm The type of key manager factory to get.
* @return An appropriate implementation of that algoritm.
- * @throws NoSuchAlgorithmException If no provider implements the
- * requested algorithm.
+ * @throws NoSuchAlgorithmException If no provider implements the requested
+ * algorithm.
+ * @throws IllegalArgumentException if <code>algorithm</code> is
+ * <code>null</code> or is an empty string.
*/
public static final KeyManagerFactory getInstance(String algorithm)
- throws NoSuchAlgorithmException
+ throws NoSuchAlgorithmException
{
- Provider[] provs = Security.getProviders();
- for (int i = 0; i < provs.length; i++)
- {
- try
- {
- return getInstance(algorithm, provs[i]);
- }
- catch (NoSuchAlgorithmException ignore)
- {
- }
- }
+ Provider[] p = Security.getProviders();
+ NoSuchAlgorithmException lastException = null;
+ for (int i = 0; i < p.length; i++)
+ try
+ {
+ return getInstance(algorithm, p[i]);
+ }
+ catch (NoSuchAlgorithmException x)
+ {
+ lastException = x;
+ }
+ if (lastException != null)
+ throw lastException;
throw new NoSuchAlgorithmException(algorithm);
}
/**
- * Get an instance of the named key manager factory, from the named
+ * Create an instance of the named key manager factory, from the named
* provider.
- *
+ *
* @param algorithm The type of key manager factory to get.
- * @param provider The name of the provider to get the
- * implementation from.
+ * @param provider The name of the provider to get the implementation from.
* @return An appropriate implementation of that algorithm.
- * @throws NoSuchAlgorithmException If the provider does not
- * implement the requested algorithm.
- * @throws NoSuchProviderException If the named provider does not
- * exist.
+ * @throws NoSuchAlgorithmException If the provider does not implement the
+ * requested algorithm.
+ * @throws NoSuchProviderException If the named provider does not exist.
+ * @throws IllegalArgumentException if either <code>algorithm</code> or
+ * <code>provider</code> is <code>null</code>, or if
+ * <code>algorithm</code> is an empty string.
*/
- public static final KeyManagerFactory getInstance(String algorithm, String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
+ public static final KeyManagerFactory getInstance(String algorithm,
+ String provider)
+ throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null)
- throw new IllegalArgumentException("provider is null");
+ throw new IllegalArgumentException("provider MUST NOT be null");
Provider p = Security.getProvider(provider);
if (p == null)
throw new NoSuchProviderException(provider);
@@ -182,40 +188,48 @@ public class KeyManagerFactory
}
/**
- * Get an instance of the named key manager factory, from the given
+ * Create an instance of the named key manager factory, from the given
* provider.
- *
+ *
* @param algorithm The type of key manager factory to get.
* @param provider The provider to get the implementation from.
* @return An appropriate implementation of that algorithm.
- * @throws NoSuchAlgorithmException If the provider does not
- * implement the requested algorithm.
- * @throws IllegalArgumentException If <i>provider</i> is null.
+ * @throws NoSuchAlgorithmException If the provider does not implement the
+ * requested algorithm.
+ * @throws IllegalArgumentException if either <code>algorithm</code> or
+ * <code>provider</code> is <code>null</code>, or if
+ * <code>algorithm</code> is an empty string.
*/
- public static final KeyManagerFactory getInstance(String algorithm, Provider provider)
- throws NoSuchAlgorithmException
+ public static final KeyManagerFactory getInstance(String algorithm,
+ Provider provider)
+ throws NoSuchAlgorithmException
{
- if (provider == null)
- throw new IllegalArgumentException("provider is null");
+ StringBuilder sb = new StringBuilder("KeyManagerFactory algorithm [")
+ .append(algorithm).append("] from provider[")
+ .append(provider).append("] could not be created");
+ Throwable cause;
try
{
- return new KeyManagerFactory((KeyManagerFactorySpi)
- Engine.getInstance(KEY_MANAGER_FACTORY, algorithm, provider),
- provider, algorithm);
+ Object spi = Engine.getInstance(KEY_MANAGER_FACTORY, algorithm, provider);
+ return new KeyManagerFactory((KeyManagerFactorySpi) spi, provider, algorithm);
}
- catch (InvocationTargetException ite)
+ catch (InvocationTargetException x)
{
- throw new NoSuchAlgorithmException(algorithm);
+ cause = x.getCause();
+ if (cause instanceof NoSuchAlgorithmException)
+ throw (NoSuchAlgorithmException) cause;
+ if (cause == null)
+ cause = x;
}
- catch (ClassCastException cce)
+ catch (ClassCastException x)
{
- throw new NoSuchAlgorithmException(algorithm);
+ cause = x;
}
+ NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
+ x.initCause(cause);
+ throw x;
}
- // Instance methods.
- // -------------------------------------------------------------------
-
/**
* Returns the name of this key manager factory algorithm.
*
diff --git a/libjava/classpath/javax/net/ssl/KeyStoreBuilderParameters.java b/libjava/classpath/javax/net/ssl/KeyStoreBuilderParameters.java
new file mode 100644
index 0000000..2aa665e
--- /dev/null
+++ b/libjava/classpath/javax/net/ssl/KeyStoreBuilderParameters.java
@@ -0,0 +1,48 @@
+/* KeyStoreBuilderParameters.java --
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+/**
+ * <p style="color: red;"><b>FIXME</b> this class is currently a stub;
+ * it depends on an implementation of {@link
+ * java.security.KeyStore.Builder}</p>.
+ */
+public class KeyStoreBuilderParameters implements ManagerFactoryParameters
+{
+}
diff --git a/libjava/classpath/javax/net/ssl/SSLContext.java b/libjava/classpath/javax/net/ssl/SSLContext.java
index eaf3e36..dcc8508 100644
--- a/libjava/classpath/javax/net/ssl/SSLContext.java
+++ b/libjava/classpath/javax/net/ssl/SSLContext.java
@@ -91,101 +91,127 @@ public class SSLContext
this.protocol = protocol;
}
- // Class methods.
- // ------------------------------------------------------------------
-
/**
- * Get an instance of a context for the specified protocol from the
- * first provider that implements it.
- *
+ * Get an instance of a context for the specified protocol from the first
+ * provider that implements it.
+ *
* @param protocol The name of the protocol to get a context for.
* @return The new context.
- * @throws NoSuchAlgorithm If no provider implements the given
- * protocol.
+ * @throws NoSuchAlgorithmException If no provider implements the given
+ * protocol.
+ * @throws IllegalArgumentException if <code>protocol</code> is
+ * <code>null</code> or is an empty string.
*/
public static final SSLContext getInstance(String protocol)
- throws NoSuchAlgorithmException
+ throws NoSuchAlgorithmException
{
- Provider[] provs = Security.getProviders();
- for (int i = 0; i < provs.length; i++)
- {
- try
- {
- return getInstance(protocol, provs[i]);
- }
- catch (NoSuchAlgorithmException ignore)
- {
- }
- }
+ Provider[] p = Security.getProviders();
+ NoSuchAlgorithmException lastException = null;
+ for (int i = 0; i < p.length; i++)
+ try
+ {
+ return getInstance(protocol, p[i]);
+ }
+ catch (NoSuchAlgorithmException x)
+ {
+ lastException = x;
+ }
+ if (lastException != null)
+ throw lastException;
throw new NoSuchAlgorithmException(protocol);
}
/**
- * Get an instance of a context for the specified protocol from the
- * named provider.
- *
+ * Get an instance of a context for the specified protocol from the named
+ * provider.
+ *
* @param protocol The name of the protocol to get a context for.
- * @param provider The name of the provider to get the
- * implementation from.
+ * @param provider The name of the provider to get the implementation from.
* @return The new context.
- * @throws NoSuchAlgorithmException If the provider does not
- * implement the given protocol.
- * @throws NoSuchProviderException If the named provider does not
- * exist.
- * @throws IllegalArgumentException If <i>provider</i> is null.
+ * @throws NoSuchAlgorithmException If the provider does not implement the
+ * given protocol.
+ * @throws NoSuchProviderException If the named provider does not exist.
+ * @throws IllegalArgumentException if either <code>protocol</code> or
+ * <code>provider</code> is <code>null</code>, or if
+ * <code>protocol</code> is an empty string.
*/
- public static final SSLContext getInstance(String protocol,
- String provider)
- throws NoSuchAlgorithmException, NoSuchProviderException
+ public static final SSLContext getInstance(String protocol, String provider)
+ throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null)
- {
- throw new IllegalArgumentException("null provider");
- }
+ throw new IllegalArgumentException("provider MUST NOT be null");
Provider p = Security.getProvider(provider);
if (p == null)
- {
- throw new NoSuchProviderException(provider);
- }
+ throw new NoSuchProviderException(provider);
return getInstance(protocol, p);
}
/**
- * Get an instance of a context for the specified protocol from the
- * specified provider.
- *
+ * Get an instance of a context for the specified protocol from the specified
+ * provider.
+ *
* @param protocol The name of the protocol to get a context for.
- * @param provider The name of the provider to get the
- * implementation from.
+ * @param provider The name of the provider to get the implementation from.
* @return The new context.
- * @throws NoSuchAlgorithmException If the provider does not
- * implement the given protocol.
- * @throws IllegalArgumentException If <i>provider</i> is null.
+ * @throws NoSuchAlgorithmException If the provider does not implement the
+ * given protocol.
+ * @throws IllegalArgumentException if either <code>protocol</code> or
+ * <code>provider</code> is <code>null</code>, or if
+ * <code>protocol</code> is an empty string.
*/
- public static final SSLContext getInstance(String protocol,
- Provider provider)
- throws NoSuchAlgorithmException
+ public static final SSLContext getInstance(String protocol, Provider provider)
+ throws NoSuchAlgorithmException
{
+ StringBuilder sb = new StringBuilder("SSLContext for protocol [")
+ .append(protocol).append("] from provider[")
+ .append(provider).append("] could not be created");
+ Throwable cause;
try
{
- return new SSLContext((SSLContextSpi)
- Engine.getInstance(SSL_CONTEXT, protocol, provider),
- provider, protocol);
+ Object spi = Engine.getInstance(SSL_CONTEXT, protocol, provider);
+ return new SSLContext((SSLContextSpi) spi, provider, protocol);
}
- catch (InvocationTargetException ite)
+ catch (InvocationTargetException x)
{
- NoSuchAlgorithmException nsae = new NoSuchAlgorithmException(protocol);
- throw (NoSuchAlgorithmException) nsae.initCause(ite);
+ cause = x.getCause();
+ if (cause instanceof NoSuchAlgorithmException)
+ throw (NoSuchAlgorithmException) cause;
+ if (cause == null)
+ cause = x;
}
- catch (ClassCastException cce)
+ catch (ClassCastException x)
{
- NoSuchAlgorithmException nsae = new NoSuchAlgorithmException(protocol);
- throw (NoSuchAlgorithmException) nsae.initCause(cce);
+ cause = x;
}
+ NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
+ x.initCause(cause);
+ throw x;
}
- // Instance methods.
- // -----------------------------------------------------------------
+ /**
+ * Creates a new {@link SSLEngine} for this context.
+ *
+ * @return The new SSLEngine.
+ * @since 1.5
+ */
+ public final SSLEngine createSSLEngine ()
+ {
+ return ctxSpi.engineCreateSSLEngine ();
+ }
+
+ /**
+ * Creates a new {@link SSLEngine} for this context, with a given
+ * host name and port number.
+ *
+ * @param host The local host name.
+ * @param port The local port number.
+ * @return The new SSLEngine.
+ * @since 1.5
+ */
+ public final SSLEngine createSSLEngine (final String host, final int port)
+ {
+ return ctxSpi.engineCreateSSLEngine (host, port);
+ }
/**
* Returns the set of SSL contexts available for client connections.
diff --git a/libjava/classpath/javax/net/ssl/SSLContextSpi.java b/libjava/classpath/javax/net/ssl/SSLContextSpi.java
index a6b0c75..03c44f8 100644
--- a/libjava/classpath/javax/net/ssl/SSLContextSpi.java
+++ b/libjava/classpath/javax/net/ssl/SSLContextSpi.java
@@ -64,6 +64,28 @@ public abstract class SSLContextSpi
// Abstract methods.
// -------------------------------------------------------------------
+ // Sun, you've broken existing applications by introducing new
+ // abstract methods! Goodjob!!!
+
+ /**
+ * Returns a new {@link SSLEngine} for this context.
+ *
+ * @return A new SSLEngine.
+ * @since 1.5
+ */
+ protected abstract SSLEngine engineCreateSSLEngine ();
+
+ /**
+ * Returns a new {@link SSLEngine} for this context, for the given
+ * host name and port number.
+ *
+ * @param host The local host name.
+ * @param port The local port number.
+ * @return A new SSLEngine.
+ * @since 1.5
+ */
+ protected abstract SSLEngine engineCreateSSLEngine (String host, int port);
+
/**
* Returns the set of SSL sessions available for client connections.
*
diff --git a/libjava/classpath/javax/net/ssl/SSLEngine.java b/libjava/classpath/javax/net/ssl/SSLEngine.java
new file mode 100644
index 0000000..efab972
--- /dev/null
+++ b/libjava/classpath/javax/net/ssl/SSLEngine.java
@@ -0,0 +1,442 @@
+/* SSLEngine.java -- advanced, generic utility for manipulating SSL messages.
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+import java.nio.ByteBuffer;
+
+/**
+ * A class for low-level message wrapping and unwrapping of SSL
+ * messages.
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ * @since 1.5
+ */
+public abstract class SSLEngine
+{
+ private final String peerHost;
+ private final int peerPort;
+
+ /**
+ * Creates a new SSLEngine with no peer host name or port number.
+ */
+ protected SSLEngine ()
+ {
+ this (null, -1);
+ }
+
+ /**
+ * Creates a new SSLEngine with the specified peer host name and
+ * port number.
+ *
+ * @param peerHost The peer's host name.
+ * @param peerPort The peer's port number.
+ */
+ protected SSLEngine (String peerHost, int peerPort)
+ {
+ this.peerHost = peerHost;
+ this.peerPort = peerPort;
+ }
+
+
+
+ /**
+ * Begin, or restart, the SSL handshake.
+ *
+ * @throws SSLException
+ */
+ public abstract void beginHandshake () throws SSLException;
+
+ /**
+ * Close the inbound state.
+ *
+ * @throws SSLException
+ */
+ public abstract void closeInbound () throws SSLException;
+
+ /**
+ * Close the outbound state.
+ */
+ public abstract void closeOutbound ();
+
+ /**
+ *
+ */
+ public abstract Runnable getDelegatedTask ();
+
+ /**
+ * Returns the peer host name this SSL session is connected to, or
+ * <code>null</code> if this value was not set.
+ *
+ * @return The peer host's name.
+ */
+ public String getPeerHost ()
+ {
+ return peerHost;
+ }
+
+ /**
+ * Returns the peer IP port number this SSL session in communicating
+ * on, or -1 if this value was not set.
+ *
+ * @return The peer's port number.
+ */
+ public int getPeerPort ()
+ {
+ return peerPort;
+ }
+
+ /**
+ * Returns a list of SSL cipher suite names this SSLEngine is
+ * configured to use.
+ *
+ * @return The list of enabled cipher suite names.
+ */
+ public abstract String[] getEnabledCipherSuites();
+
+ /**
+ * Returns a list of SSL protocol version names this SSLEngine is
+ * configured to use.
+ *
+ * @return The list of enabled protocol names.
+ */
+ public abstract String[] getEnabledProtocols ();
+
+ /**
+ * Tells if sessions will be created by this engine, and therefore
+ * may be resumed at a later time.
+ *
+ * @return True if sessions will be created.
+ */
+ public abstract boolean getEnableSessionCreation();
+
+ /**
+ * Return the current handshake status.
+ *
+ * @return The current handshake status.
+ */
+ public abstract SSLEngineResult.HandshakeStatus getHandshakeStatus ();
+
+ /**
+ * Tells if this SSLEngine is configured to require client
+ * authentication when in server mode.
+ *
+ * @return True iff client authentication is required.
+ */
+ public abstract boolean getNeedClientAuth ();
+
+ /**
+ * Return the {@link SSLSession} object this connection represents.
+ *
+ * @return The SSL session.
+ */
+ public abstract SSLSession getSession ();
+
+ /**
+ * Returns a list of SSL cipher suite names this SSLEngine
+ * implementation supports.
+ *
+ * @return The list of cipher suite names supported by this
+ * implementation.
+ */
+ public abstract String[] getSupportedCipherSuites ();
+
+ /**
+ * Returns a list of SSL protocol version names this SSLEngine
+ * implementation supports. SSL protocol names include things like
+ * "SSLv3" or "TLSv1".
+ *
+ * @return The list of SSL protocol names
+ */
+ public abstract String[] getSupportedProtocols ();
+
+ /**
+ * Tells if this SSLEngine is a "client" session.
+ *
+ * @return True iff this session is configured for client mode.
+ */
+ public abstract boolean getUseClientMode ();
+
+ /**
+ * Tells if client authentication is requested, but not required,
+ * for sessions in server mode. If true, a server session will
+ * request an authentication message from connecting clients, but
+ * will still allow clients to connect if they cannot be
+ * authenticated.
+ *
+ * @return True iff client authentication is requested.
+ */
+ public abstract boolean getWantClientAuth ();
+
+ /**
+ * Tells if the incoming data stream is finished, and thus if no
+ * more data will be available to be unwrapped.
+ *
+ * @return True if no more data is to be unwrapped.
+ */
+ public abstract boolean isInboundDone ();
+
+ /**
+ * Tells if the outgoing data stream is finished, and thus if no
+ * more data may be wrapped.
+ *
+ * @return True if no more data may be wrapped.
+ */
+ public abstract boolean isOutboundDone ();
+
+ /**
+ * Sets the list of enabled cipher suites. The argument is an array
+ * of strings of the canonical suite names.
+ *
+ * @param suites The cipher suites to enable.
+ * @throws IllegalArgumentException If any of the specified suite
+ * strings is not supported by this implementation, or if the
+ * argument is null.
+ */
+ public abstract void setEnabledCipherSuites (String[] suites);
+
+ /**
+ * Sets the list of enabled protocol versions. The argument is an
+ * array of strings of the canonical protocol version names, such as
+ * "TLSv1".
+ *
+ * @param protocols The protocol versions to enable.
+ * @throws IllegalArgumentException If any of the specified
+ * protocols are not supported, or if the argument is null.
+ */
+ public abstract void setEnabledProtocols (String[] protocols);
+
+ /**
+ * Enables or disables session creation. If enabled, each connection
+ * will create session that may be resumed by another connection.
+ *
+ * @param create Whether or not to enable session creation.
+ */
+ public abstract void setEnableSessionCreation (boolean create);
+
+ /**
+ * Enables client or server mode. If the argument is true, this
+ * engine will run in client mode; if false, server mode.
+ *
+ * @param clientMode Whether or not to use client mode.
+ */
+ public abstract void setUseClientMode (boolean clientMode);
+
+ /**
+ * Enables or disables required client authentication. If enabled,
+ * clients may only connect if they provide proper identification.
+ *
+ * <p>This parameter is only used in server mode.
+ *
+ * @param needAuth Whether or not client authentication is required.
+ */
+ public abstract void setNeedClientAuth (boolean needAuth);
+
+ /**
+ * Enables or disables requested client authentication. If enabled,
+ * clients will be asked to provide proper identification, but will
+ * still be allowed to connect if they do not provide it.
+ *
+ * <p>This parameter is only used in server mode.
+ *
+ * @param wantAuth Whether or not client authentication will be
+ * requested, but not required.
+ */
+ public abstract void setWantClientAuth (boolean wantAuth);
+
+ /**
+ * Unwraps a byte buffer recieved from the network, storing the
+ * decrypted, unwrapped bytes into the given buffer.
+ *
+ * <p>This call is exactly equivalent to <code>unwrap (source, new
+ * ByteBuffer[] { sink }, 0, 1)</code>.
+ *
+ * @param source The source bytes, coming from the network.
+ * @param sink The buffer to hold the unwrapped message.
+ * @return An engine result object for the operation.
+ * @throws SSLException If an SSL message parsing error occurs.
+ * @throws java.nio.ReadOnlyBufferException If 'sink' is not
+ * writable.
+ * @throws IllegalArgumentException If either 'source' or 'sink' is
+ * null.
+ * @throws IllegalStateException If this engine has not been put
+ * into client or server mode.
+ */
+ public SSLEngineResult unwrap (ByteBuffer source, ByteBuffer sink)
+ throws SSLException
+ {
+ return unwrap (source, new ByteBuffer[] { sink }, 0, 1);
+ }
+
+ /**
+ * Unwraps a byte buffer recieved from the network, storing the
+ * decrypted, unwrapped bytes into the given buffers.
+ *
+ * <p>This call is exactly equivalent to <code>unwrap (source,
+ * sinks, 0, sinks.length)</code>.
+ *
+ * @param source The source bytes, coming from the network.
+ * @param sinks The buffers to hold the unwrapped message.
+ * @return An engine result object for the operation.
+ * @throws SSLException If an SSL message parsing error occurs.
+ * @throws java.nio.ReadOnlyBufferException If any buffer in 'sinks'
+ * is not writable.
+ * @throws IllegalArgumentException If either 'source' or 'sinks' is
+ * null.
+ * @throws IllegalStateException If this engine has not been put
+ * into client or server mode.
+ */
+ public SSLEngineResult unwrap (ByteBuffer source, ByteBuffer[] sinks)
+ throws SSLException
+ {
+ return unwrap (source, sinks, 0, sinks.length);
+ }
+
+ /**
+ * Unwraps a byte buffer received from the network, storing the
+ * decrypted, unwrapped bytes into the given buffers. After
+ * unwrapping, the bytes placed into the sink buffers are ready for
+ * consumption by the application.
+ *
+ * <p>This method may place no bytes in the destination buffer; for
+ * example, if this engine is still performing the SSL handshake,
+ * only handshake data will be consumed, and no application data.
+ *
+ * <p>It is stated that this method may modify the source buffer,
+ * and that it must not be passed to another SSLEngine (SSL
+ * connections are independent, so another SSLEngine will not have
+ * the parameters or state to handle messages meant for this
+ * engine).
+ *
+ * @param source The source bytes, coming from the network.
+ * @param sinks The buffers to hold the unwrapped message.
+ * @param offset The index of the first buffer in 'sinks' to use.
+ * @param length The number of buffers in 'sinks' to use.
+ * @return An engine result object for the operation.
+ * @throws SSLException If an SSL message parsing error occurs.
+ * @throws java.nio.ReadOnlyBufferException If any buffer in 'sinks'
+ * is not writable.
+ * @throws IllegalArgumentException If either 'source' or 'sinks' is
+ * null.
+ * @throws IllegalStateException If this engine has not been put
+ * into client or server mode.
+ * @throws IndexOutOfBoundsException If 'offset' or 'length' is
+ * negative, or if 'length+offset' is greater than 'sinks.length'.
+ */
+ public abstract SSLEngineResult unwrap (ByteBuffer source,
+ ByteBuffer[] sinks, int offset,
+ int length)
+ throws javax.net.ssl.SSLException;
+
+ /**
+ * Wraps a byte buffer into an SSL message, for preparation to send
+ * it over the network.
+ *
+ * <p>This method is exactly equivalent to <code>wrap (new
+ * ByteBuffer[] { source }, 0, 1, sink)</code>.
+ *
+ * @param source The source buffer with application data.
+ * @param sink The buffer to hold the wrapped data.
+ * @return An engine result object for the operation.
+ * @throws SSLException If an SSL error occurs.
+ * @throws java.nio.ReadOnlyBufferException If 'sink' is read-only.
+ * @throws IllegalArgumentException If either 'source' or 'sink' is
+ * null.
+ * @throws IllegalStateException If this engine has not been put
+ * into client or server mode.
+ */
+ public SSLEngineResult wrap (ByteBuffer source, ByteBuffer sink)
+ throws SSLException
+ {
+ return wrap (new ByteBuffer[] { source }, 0, 1, sink);
+ }
+
+ /**
+ * Wraps byte buffers into an SSL message, for preparation to send
+ * them over the network.
+ *
+ * <p>This method is exactly equivalent to <code>wrap (sources, 0,
+ * 1, sink)</code>.
+ *
+ * @param sources The source buffers with application data.
+ * @param sink The buffer to hold the wrapped data.
+ * @return An engine result object for the operation.
+ * @throws SSLException If an SSL error occurs.
+ * @throws java.nio.ReadOnlyBufferException If 'sink' is read-only.
+ * @throws IllegalArgumentException If either 'sources' or 'sink' is
+ * null.
+ * @throws IllegalStateException If this engine has not been put
+ * into client or server mode.
+ */
+ public SSLEngineResult wrap (ByteBuffer[] sources, ByteBuffer sink)
+ throws SSLException
+ {
+ return wrap (sources, 0, sources.length, sink);
+ }
+
+ /**
+ * Wraps byte buffers into an SSL message, for preparation to send
+ * them over the network. After wrapping, the data in the sink
+ * buffer is ready to be sent over the transport layer.
+ *
+ * <p>This method may consume no data from the source buffers, and
+ * yet still produce output that should be sent accross the wire;
+ * for example if this engine has not yet completed the SSL
+ * handshake, the sink buffer will be filled with handshake
+ * messages.
+ *
+ * @param sources The source buffers with application data.
+ * @param offset The offset into the source buffers to start reading
+ * application data.
+ * @param length The number of buffers to read from 'sources'.
+ * @param sink The buffer to hold the wrapped data.
+ * @return An engine result object for the operation.
+ * @throws SSLException If an SSL error occurs.
+ * @throws java.nio.ReadOnlyBufferException If 'sink' is read-only.
+ * @throws IllegalArgumentException If either 'sources' or 'sink' is
+ * null.
+ * @throws IllegalStateException If this engine has not been put
+ * into client or server mode.
+ * @throws IndexOutOfBoundsException If 'offset' or 'length' is
+ * negative, or if 'length+offset' is greater than 'sources.length'.
+ */
+ public abstract SSLEngineResult wrap (ByteBuffer[] sources, int offset,
+ int length, ByteBuffer sink)
+ throws SSLException;
+
+}
diff --git a/libjava/classpath/javax/net/ssl/SSLEngineResult.java b/libjava/classpath/javax/net/ssl/SSLEngineResult.java
new file mode 100644
index 0000000..0d6a435
--- /dev/null
+++ b/libjava/classpath/javax/net/ssl/SSLEngineResult.java
@@ -0,0 +1,194 @@
+/* SSLEngineResult.java --
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+/**
+ * A result from an {@link SSLEngine} <code>wrap</code> or
+ * <code>unwrap</code> operation. This class conveys a possibly
+ * intermediate result, and may ask for more input data or request
+ * that output data be sent over a connection.
+ */
+public class SSLEngineResult
+{
+ private final HandshakeStatus handshakeStatus;
+ private final Status status;
+ private final int bytesConsumed;
+ private final int bytesProduced;
+
+ /**
+ * Creates a new SSL engine result.
+ *
+ * @param status The status of the SSL connection.
+ * @param handshakeStatus The status of the SSL handshake.
+ * @param bytesConsumed The number of bytes consumed by the previous
+ * operation.
+ * @param bytesProduced The number of bytes produced by the previous
+ * operation.
+ * @throws IllegalArgumentException If either enum value is
+ * <code>null</code>, or if either integer is negative.
+ */
+ public SSLEngineResult (Status status, HandshakeStatus handshakeStatus,
+ int bytesConsumed, int bytesProduced)
+ {
+ if (status == null)
+ throw new IllegalArgumentException ("'status' may not be null");
+ if (handshakeStatus == null)
+ throw new IllegalArgumentException ("'handshakeStatus' may not be null");
+ if (bytesConsumed < 0)
+ throw new IllegalArgumentException ("'bytesConumed' must be nonnegative");
+ if (bytesProduced < 0)
+ throw new IllegalArgumentException ("'bytesProduced' must be nonnegative");
+ this.status = status;
+ this.handshakeStatus = handshakeStatus;
+ this.bytesConsumed = bytesConsumed;
+ this.bytesProduced = bytesProduced;
+ }
+
+
+
+ /**
+ * An enumeration of possible general states.
+ */
+ public static enum Status
+ {
+
+ /**
+ * There were not enough input bytes available to complete the
+ * operation.
+ */
+ BUFFER_UNDERFLOW,
+
+ /**
+ * There was not enough space for the output message.
+ */
+ BUFFER_OVERFLOW,
+
+ /**
+ * Okay. No error.
+ */
+ OK,
+
+ /**
+ * The connection is closed.
+ */
+ CLOSED
+ }
+
+ /**
+ * An enumeration of possible handshake status states.
+ */
+ public static enum HandshakeStatus
+ {
+
+ /**
+ * Not currently handshaking.
+ */
+ NOT_HANDSHAKING,
+
+ /**
+ * The handshake is finished.
+ */
+ FINISHED,
+
+ /**
+ * Needs the status of one or more delegated tasks.
+ */
+ NEED_TASK,
+
+ /**
+ * Has data prepared for output, and needs a new call to
+ * <code>wrap</code>.
+ */
+ NEED_WRAP,
+
+ /**
+ * Is waiting for more input.
+ */
+ NEED_UNWRAP
+ }
+
+
+
+ /**
+ * Returns the number of bytes consumed by the previous operation.
+ *
+ * @return The number of bytes consumed.
+ */
+ public int bytesConsumed ()
+ {
+ return bytesConsumed;
+ }
+
+ /**
+ * Returns the number of bytes produced by the previous operation.
+ *
+ * @return The number of bytes produced.
+ */
+ public int bytesProduced ()
+ {
+ return bytesProduced;
+ }
+
+ /**
+ * Returns the handshake status.
+ *
+ * @return The handshake status.
+ */
+ public HandshakeStatus getHandshakeStatus ()
+ {
+ return handshakeStatus;
+ }
+
+ /**
+ * Returns the connection status.
+ *
+ * @return The connection status.
+ */
+ public Status getStatus ()
+ {
+ return status;
+ }
+
+ public String toString ()
+ {
+ return (super.toString () + " [ status: " + status + "; handshakeStatus: "
+ + handshakeStatus + "; bytesConsumed: " + bytesConsumed
+ + "; bytesProduced: " + bytesProduced + " ]");
+ }
+}
diff --git a/libjava/classpath/javax/net/ssl/SSLSession.java b/libjava/classpath/javax/net/ssl/SSLSession.java
index 9400a1a..c8a4785 100644
--- a/libjava/classpath/javax/net/ssl/SSLSession.java
+++ b/libjava/classpath/javax/net/ssl/SSLSession.java
@@ -38,6 +38,7 @@ exception statement from your version. */
package javax.net.ssl;
+import java.security.Principal;
import java.security.cert.Certificate;
import javax.security.cert.X509Certificate;
@@ -48,6 +49,20 @@ import javax.security.cert.X509Certificate;
*/
public interface SSLSession
{
+
+ /**
+ * Returns the size of the largest application data buffer that can
+ * occur in this session.
+ *
+ * <p>Buffers passed to handle the incoming data for the
+ * <code>unwrap</code> method of SSLEngine must be at least this
+ * large.
+ *
+ * @return The size of application buffers.
+ * @since 1.5
+ */
+ int getApplicationBufferSize ();
+
/**
* Returns this session's cihper suite.
*
@@ -87,6 +102,28 @@ public interface SSLSession
Certificate[] getLocalCertificates();
/**
+ * Returns the {@link Principal} representing the local identity
+ * used in this session, or <code>null</code> if there is no local
+ * identity.
+ *
+ * @return The local principal.
+ */
+ Principal getLocalPrincipal ();
+
+ /**
+ * Returns the size of the largest SSL message that will be
+ * generated by this session.
+ *
+ * <p>Callers of <code>wrap</code> and <code>unwrap</code> should
+ * use this value to determine the size of buffers for data coming
+ * into, or going out over, the network.
+ *
+ * @returns The maximum network packet size.
+ * @since 1.5
+ */
+ int getPacketBufferSize ();
+
+ /**
* Returns the chain of certificates that the remote side used in
* the handshake, or null if none were used.
*
@@ -115,6 +152,27 @@ public interface SSLSession
String getPeerHost();
/**
+ * Returns the port number the remote peer is using for this
+ * session.
+ *
+ * @return The peer's port number.
+ * @since 1.5
+ */
+ int getPeerPort ();
+
+ /**
+ * Returns the {@link Principal} representing the identity of the
+ * remote peer, or <code>null</code> if the remote peer has no known
+ * identity.
+ *
+ * @return The remote peer's principal.
+ * @throws SSLPeerUnverifiedException If the remote peer's identity
+ * could not be verified.
+ * @since 1.5
+ */
+ Principal getPeerPrincipal () throws SSLPeerUnverifiedException;
+
+ /**
* Returns the protocol this session uses.
*
* @return The protocol.
@@ -152,6 +210,15 @@ public interface SSLSession
void invalidate();
/**
+ * Tells if this session is currently valid, and may be resumed.
+ *
+ * @return True if this session is valid.
+ * @since 1.5
+ * @see #invalidate()
+ */
+ boolean isValid ();
+
+ /**
* Binds a value to this session, with the given name.
*
* @param name The name to bind the object with.
diff --git a/libjava/classpath/javax/net/ssl/SSLSocketFactory.java b/libjava/classpath/javax/net/ssl/SSLSocketFactory.java
index d5d9b6e..7348b2e 100644
--- a/libjava/classpath/javax/net/ssl/SSLSocketFactory.java
+++ b/libjava/classpath/javax/net/ssl/SSLSocketFactory.java
@@ -142,7 +142,7 @@ public abstract class SSLSocketFactory extends SocketFactory
catch (Exception ex)
{
throw new RuntimeException("error instantiating default socket factory: "
- + ex.toString());
+ + ex.toString(), ex);
}
}
try
diff --git a/libjava/classpath/javax/net/ssl/TrustManagerFactory.java b/libjava/classpath/javax/net/ssl/TrustManagerFactory.java
index 62ab1c2..f868ae7 100644
--- a/libjava/classpath/javax/net/ssl/TrustManagerFactory.java
+++ b/libjava/classpath/javax/net/ssl/TrustManagerFactory.java
@@ -93,96 +93,105 @@ public class TrustManagerFactory
this.algorithm = algorithm;
}
- // Class methods.
- // -------------------------------------------------------------------------
-
/**
- * Returns an instance of a trust manager factory for the given algorithm
- * from the first provider that implements it.
- *
+ * Returns an instance of a trust manager factory for the given algorithm from
+ * the first provider that implements it.
+ *
* @param algorithm The name of the algorithm to get.
* @return The instance of the trust manager factory.
* @throws NoSuchAlgorithmException If no provider implements the given
- * algorithm.
+ * algorithm.
+ * @throws IllegalArgumentException if <code>algorithm</code> is
+ * <code>null</code> or is an empty string.
*/
public static final TrustManagerFactory getInstance(String algorithm)
- throws NoSuchAlgorithmException
+ throws NoSuchAlgorithmException
{
- Provider[] provs = Security.getProviders();
- for (int i = 0; i < provs.length; i++)
- {
- try
- {
- return getInstance(algorithm, provs[i]);
- }
- catch (NoSuchAlgorithmException ignore)
- {
- }
- }
+ Provider[] p = Security.getProviders();
+ NoSuchAlgorithmException lastException = null;
+ for (int i = 0; i < p.length; i++)
+ try
+ {
+ return getInstance(algorithm, p[i]);
+ }
+ catch (NoSuchAlgorithmException x)
+ {
+ lastException = x;
+ }
+ if (lastException != null)
+ throw lastException;
throw new NoSuchAlgorithmException(algorithm);
}
/**
- * Returns an instance of a trust manager factory for the given algorithm
- * from the named provider.
- *
+ * Returns an instance of a trust manager factory for the given algorithm from
+ * the named provider.
+ *
* @param algorithm The name of the algorithm to get.
* @param provider The name of the provider to get the instance from.
* @return The instance of the trust manager factory.
* @throws NoSuchAlgorithmException If the provider does not implement the
- * given algorithm.
+ * given algorithm.
* @throws NoSuchProviderException If there is no such named provider.
- * @throws IllegalArgumentException If the provider argument is null.
+ * @throws IllegalArgumentException if either <code>algorithm</code> or
+ * <code>provider</code> is <code>null</code>, or if
+ * <code>algorithm</code> is an empty string.
*/
public static final TrustManagerFactory getInstance(String algorithm,
String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null)
- {
- throw new IllegalArgumentException();
- }
+ throw new IllegalArgumentException("provider MUST NOT be null");
Provider p = Security.getProvider(provider);
if (p == null)
- {
- throw new NoSuchProviderException(provider);
- }
+ throw new NoSuchProviderException(provider);
return getInstance(algorithm, p);
}
/**
- * Returns an instance of a trust manager factory for the given algorithm
- * from the specified provider.
- *
+ * Returns an instance of a trust manager factory for the given algorithm from
+ * the specified provider.
+ *
* @param algorithm The name of the algorithm to get.
* @param provider The provider to get the instance from.
* @return The instance of the trust manager factory.
* @throws NoSuchAlgorithmException If the provider does not implement the
- * given algorithm.
- * @throws IllegalArgumentException If the provider argument is null.
+ * given algorithm.
+ * @throws IllegalArgumentException if either <code>algorithm</code> or
+ * <code>provider</code> is <code>null</code>, or if
+ * <code>algorithm</code> is an empty string.
*/
public static final TrustManagerFactory getInstance(String algorithm,
Provider provider)
- throws NoSuchAlgorithmException
+ throws NoSuchAlgorithmException
{
- if (provider == null)
- {
- throw new IllegalArgumentException();
- }
+ StringBuilder sb = new StringBuilder("TrustManagerFactory algorithm [")
+ .append(algorithm).append("] from provider[")
+ .append(provider).append("] could not be created");
+ Throwable cause;
try
{
- return new TrustManagerFactory((TrustManagerFactorySpi)
- Engine.getInstance(TRUST_MANAGER_FACTORY, algorithm, provider),
- provider, algorithm);
+ Object spi = Engine.getInstance(TRUST_MANAGER_FACTORY, algorithm, provider);
+ return new TrustManagerFactory((TrustManagerFactorySpi) spi,
+ provider,
+ algorithm);
}
- catch (InvocationTargetException ite)
+ catch (InvocationTargetException x)
{
- throw new NoSuchAlgorithmException(algorithm);
+ cause = x.getCause();
+ if (cause instanceof NoSuchAlgorithmException)
+ throw (NoSuchAlgorithmException) cause;
+ if (cause == null)
+ cause = x;
}
- catch (ClassCastException cce)
+ catch (ClassCastException x)
{
- throw new NoSuchAlgorithmException(algorithm);
+ cause = x;
}
+ NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
+ x.initCause(cause);
+ throw x;
}
/**
diff --git a/libjava/classpath/javax/net/ssl/X509ExtendedKeyManager.java b/libjava/classpath/javax/net/ssl/X509ExtendedKeyManager.java
new file mode 100644
index 0000000..ccd146f
--- /dev/null
+++ b/libjava/classpath/javax/net/ssl/X509ExtendedKeyManager.java
@@ -0,0 +1,96 @@
+/* X509ExtendedKeyManager.java --
+ Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+import java.security.Principal;
+
+/**
+ * An extended {@link X509KeyManager} for use with {@link SSLEngine}.
+ *
+ * @since 1.5
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public abstract class X509ExtendedKeyManager implements X509KeyManager
+{
+
+ /**
+ * Default constructor.
+ */
+ protected X509ExtendedKeyManager ()
+ {
+ }
+
+ /**
+ * Return a client alias given a list of key types, a list of
+ * allowable issuers, and the SSLEngine being used.
+ *
+ * <p>This implementation always returns <code>null</code>.
+ *
+ * @param keyTypes The list of desired key types.
+ * @param issuers The list of desired key issuers.
+ * @param engine This client's SSLEngine.
+ * @return A key alias that matches the given parameters, or
+ * <code>null</code> if the parameters were not matched.
+ */
+ public String chooseEngineClientAlias (final String[] keyTypes,
+ final Principal[] issuers,
+ final SSLEngine engine)
+ {
+ return null;
+ }
+
+ /**
+ * Return a server alias given a key type, a list of allowable
+ * issuers, and the SSLEngine being used.
+ *
+ * <p>This implementation always returns <code>null</code>.
+ *
+ * @param keyType The desired key type.
+ * @param issuers The list of desired key issuers.
+ * @param engine The server's SSLEngine.
+ * @return A key alias that matches the given parameters, or
+ * <code>null</code> if the parameters were not matched.
+ */
+ public String chooseEngineServerAlias (final String keyType,
+ final Principal[] issuers,
+ final SSLEngine engine)
+ {
+ return null;
+ }
+}
generated by cgit v1.1 at 2025-03-28 03:50:23 +0000